Leo Famulari skribis:
> On Fri, Aug 24, 2018 at 03:04:53PM +0200, Ludovic Courtès wrote:
>> In this week’s discussions, it’s unclear to me why people are focusing
>> so much on ImageMagick and Evince when the real issue is in
>> Ghostscript’s ability to run arbitrary commands from PostScript code
On Fri, Aug 24, 2018 at 03:04:53PM +0200, Ludovic Courtès wrote:
> In this week’s discussions, it’s unclear to me why people are focusing
> so much on ImageMagick and Evince when the real issue is in
> Ghostscript’s ability to run arbitrary commands from PostScript code. I
> rarely run ‘convert’ o
Hello Leo,
Leo Famulari skribis:
> For the last couple years, people have been finding exploitable bugs in
> the image processing system based on Ghostscript and ImageMagick /
> GraphicsMagick:
>
> http://seclists.org/oss-sec/2018/q3/142
> http://seclists.org/oss-sec/2016/q4/29
In this week’s d
For the last couple years, people have been finding exploitable bugs in
the image processing system based on Ghostscript and ImageMagick /
GraphicsMagick:
http://seclists.org/oss-sec/2018/q3/142
http://seclists.org/oss-sec/2016/q4/29
Despite these issues, these programs are still the best way to